TULIPS Research Group

The Technology Usability Lab in Privacy and Security (TULIPS) brings together a diverse set of students and researchers interested in understanding and improving the usability of security and privacy technologies. The lab is part of the University of Edinburgh's Security and Privacy group.

Research Projects

Just like any other human computer interface, APIs need to be designed to be usable, minimize accidental error, and generally support the workflow of users. When these principles are not taken into account, it becomes easy for even highly skilled developers to make mistakes. While several HCI methods exist for exploring API usability and creating new API designs, in general there have been few attempts to apply them to security libraries.

Reading a URL is one of the key abilities necessary for identifying malicious communications, but many people cannot accurately read a URL and predict where it will go. This happens for several reasons, URLs are naturally complex to read, visually identical characters can easily confuse a person, and for some URLs, such as shortened ones, it is physically impossible to predict the destination from simply reading the text due to redirection.

Topics in computer security, such as firewalls, can seem inaccessible or very difficult to beginners. That perceived inaccessibility is a serious problem at a time when we need to be attracting more people of all types into the area of computer security. In this project we explore the use of educational games as a way of both teaching about computer security concepts as well as creating controlled spaces were we can test new security technology approaches.

Updating software is one of the best ways to keep a computer safe, yet many people choose not to install updates in a timely maner. This work explores the reasons behind avoiding updates for both end users and system administrators.

Consumers are generally concerned about their privacy when using Internet of Things (IoT) devices. This project explores different ways to help people better understand the implications of their "things".